Man in the middle (MitM) attack detection
Given the following scenario:
The devices are connected through VPN with the company infrastructure and using the company proxy for web access.
The devices are using Zscaler for web access.
SSL connections are intercepted.
Each connection to a wifi network triggers the man in the middle attack detection.
While it's true in principle, in those scenarios the proxy itself is trusted.
What about the idea to store a CA in Intercept X, so that the detection is not triggered when this CA is used for signing the intercept certificates?
A man in the middle (MITM) attack is a general term for when a perpetrator positions himself in a conversation between a user and an application—either to eavesdrop or to impersonate one of the parties, making it appear as if a normal exchange of information is underway.
Admin Thomas Lippert (Principal Product Manager - Mobile, Sophos Features & Ideas Laboratory) commented
Can't you use the MDM system to add the Zscaler certificate to the device certificate list?